Skip to main content

Python SDK for Kernel — deterministic governance for AI agents

Project description

onkernel

Python SDK for Kernel — deterministic governance for AI agents.

Install

pip install onkernel

For encrypted response decryption:

pip install onkernel[crypto]

Quick Start

from kernel import Kernel, KernelOutcome

k = Kernel(api_key="ok_live_acme_bot1_abc123")

resp = k.execute(action="send_email", target="user@example.com", params={"body": "Hello"})

match resp.outcome:
    case KernelOutcome.ALLOWED:
        # resp.result and resp.result_message are populated
        print(resp.result_message)
    case KernelOutcome.REQUIRES_HUMAN:
        # 202 — escalate to your approval queue
        approval_id = resp.approval_id
    case KernelOutcome.BLOCKED:
        # a scanner fired; resp.violations is populated
        ...
    case KernelOutcome.DENIED:
        # a policy rule denied; resp.reason explains why
        ...

ActionResponse always carries a non-empty result_message: str — a human-readable summary that's safe to surface in an LLM tool-call result.

Handling errors

The denial path raises typed exceptions on 403:

from kernel import (
    Kernel,
    ScannerBlockedError,   # scanner fired (PII, secrets, prompt injection, …)
    PolicyDeniedError,     # policy rule denied with no scanner involvement
    KernelDeniedError,     # base / alias — catch both
)

try:
    k.execute(action="export_pii_report", target="customers")
except ScannerBlockedError as e:
    # e.violation_type, e.violation_details, e.violations
    pass
except PolicyDeniedError as e:
    # e.rule_id, e.policy_id, e.reason
    pass

3-step token flow

session = k.create_session(intent="onboard new customer")
token = k.request_token(session.id, action="create_account", target="stripe")
result = k.execute_token(token.token_id, agent_id="bot1")

Decrypting Responses

When a policy has encryption_enabled: true, responses arrive encrypted:

from kernel import Kernel
from kernel.crypto import load_private_key

k = Kernel(api_key="ok_live_acme_bot1_abc123")
private_key = load_private_key("path/to/private_key.pem")

resp = k.execute(action="fetch_records", target="db")
if resp.encrypted:
    data = resp.decrypt(private_key)

Publishing (maintainers)

The SDK is published to PyPI as onkernel. Releases go out via tag push; the publish.yml workflow handles build + Trusted-Publishing OIDC.

Always release to TestPyPI first. PyPI is fussy about metadata and artifact integrity; a TestPyPI dry-run catches mistakes before they're permanent (PyPI does not allow overwriting a released version).

One-time setup

  1. Create the project on PyPI: pip install build twine && python -m build && twine upload --repository testpypi dist/* (first manual upload claims the namespace).
  2. On PyPI → project → Publishing, add a pending publisher:
    • Owner: onkernel-ai
    • Repository: kernel-python
    • Workflow: publish.yml
    • Environment: pypi
  3. Repeat the publisher binding on test.pypi.org with environment testpypi.
  4. In the GitHub repo Settings → Environments, create pypi and testpypi. Add required reviewers on pypi if you want a release gate.

Cutting a release

  1. Bump pyproject.toml [project].version and src/kernel/__init__.py __version__ together.
  2. Update CHANGELOG.md.
  3. Pre-release dry-run:
    git tag v0.X.Y-rc.1
    git push --tags
    
    The publish.yml workflow detects the -rc.N suffix and routes to TestPyPI. Validate:
    pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple/ onkernel==0.X.Y-rc.1
    python -c "from kernel import Kernel, KernelOutcome; print(KernelOutcome.ALLOWED)"
    
  4. Real release:
    git tag v0.X.Y
    git push --tags
    
    The same workflow routes the un-suffixed tag to real PyPI.

The workflow verifies that the tag matches pyproject.toml [project].version before building — a mismatched tag fails fast instead of publishing the wrong artifact.

Fallback: manual API token

If Trusted Publishing isn't yet bound, set repo secret PYPI_API_TOKEN and replace the OIDC publish step with:

- run: twine upload -u __token__ -p "$PYPI_API_TOKEN" dist/*

Tokens carry blast-radius risk (leak = arbitrary release). Migrate to OIDC as soon as the binding is approved on the PyPI side.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

onkernel-0.2.0.tar.gz (16.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

onkernel-0.2.0-py3-none-any.whl (17.8 kB view details)

Uploaded Python 3

File details

Details for the file onkernel-0.2.0.tar.gz.

File metadata

  • Download URL: onkernel-0.2.0.tar.gz
  • Upload date:
  • Size: 16.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for onkernel-0.2.0.tar.gz
Algorithm Hash digest
SHA256 046ad5474091478b257c78fffe12c9bd39cc41184160661c3814a318d6a7a45a
MD5 5540c9bcd91c644b7f38ae359cd84663
BLAKE2b-256 281a4d93571b3911d00c4b80f7a65184386cd57caa7cfecced353d6028c931f7

See more details on using hashes here.

Provenance

The following attestation bundles were made for onkernel-0.2.0.tar.gz:

Publisher: publish.yml on onkernel-ai/kernel-python

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file onkernel-0.2.0-py3-none-any.whl.

File metadata

  • Download URL: onkernel-0.2.0-py3-none-any.whl
  • Upload date:
  • Size: 17.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for onkernel-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 81af70ff3f13c5a7405c3bcc989d23147745da7fd48537405090ed4796b2aa5d
MD5 d23ac6fef5943dbca8f75e3775b7b1b6
BLAKE2b-256 a3a48737e63eb618ff95b8421d9160266cdcff4cb25693d917df445f5bd2ce07

See more details on using hashes here.

Provenance

The following attestation bundles were made for onkernel-0.2.0-py3-none-any.whl:

Publisher: publish.yml on onkernel-ai/kernel-python

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page